Crime has gone high-tech. In the beginning, ransomware was an attack by hackers designed to disrupt a victim’s IT systems. It would be followed up by monetary demands to get them to remove their claws. Ransomware as a Service is the latest cyber security threat to business of all sizes. It consists of ready-made kits that that can be purchased online from the darkweb – kits that are designed to attack your mission critical operations.
What is Ransomware as a Service?
Today, however, it has gotten even more sinister with the arrival of Ransomware as a Service (RaaS), which enables cybercriminals to replicate the software-as-a-services model and make attacks through custom-made applications they can buy ready-to-go through the backchannels of the internet.
By using the RaaS applications, cybercriminals can make their attacks on enterprise IT systems, then communicate their ransom demands to victims who want to regain control of their operations. The attackers demand their payments using a convoluted path so it is harder to trace them.
Data, whole IT systems and other information are the targets of these cybercriminals, who can easily buy these specialized and destructive applications where they can launch their attacks.
Making it more of a threat to businesses, RaaS applications is "designed to be so user-friendly that anyone with little or no technical knowledge can also easily deploy them to make money," according to an April 2017 story by The Hacker News. Through such means, ransomware has been targeting businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars, the story reported.
Karmen – A Chilling Example of Commoditizing Crime
One of the latest RaaS variants, called Karmen, is based on an old open-source ransomware building toolkit known as Hidden Tear and is sold on Dark Web forums from a hacker named DevBitox for $175, according to The Hacker News. "Like any typical ransomware infections, Karmen encrypts files on the infected PC using the strong AES-256 encryption protocol, making them inaccessible to the victim until he/she pays a large sum of money to obtain the decryption key from the attacker."
The Karmen application gives users a web-based control panel hosted on the Dark Web with a user-friendly graphical dashboard that allows them to personalize their attacks on businesses and other users, the story continues. The hackers can keep track of their attacks and the money they are extorting.
When a victim's files and systems are attacked by a hacker, "the Karmen ransomware encrypts the victim's files and shows a popup window with a threatening message warning the user not to interfere with the malware; otherwise, they might lose all their files," according to the story.
RaaS is real and it's a real threat as well.
How to Protect Yourself From Ransomware as a Service
To fight such attacks, The Hacker News suggests several obvious steps to help fight RaaS and other ransomware threats:
- Keep regular backups of your important data.
- Be sure to run active anti-virus security tools on your systems.
- Do not open email attachments from unknown sources.
- Most importantly, always browse the internet safely.
A December 2017 post on IBM's SecurityIntelligence blog states that the latest RaaS attacks appear to be coming from "two factions of cybercriminals: traditional fraudsters who seek to launch massive attacks through phishing campaigns without using exploit kits (EKs) and cybergangs that focus on more sophisticated attacks." These attackers appear to be "sharing certain pieces of code or features with other ransomware families" to further their attacks.
"The truth is that everybody is at risk, but certain industries and companies are more attractive to fraudsters," including government institutions, banks, electric utilities, law firms and others, the IBM post continued. "Health care organizations such as hospitals, for example, are particularly vulnerable due to the high value of patient data. When fraudsters lock up historical medical data, health care professionals are unable to render crucial medical services and thus more likely to pay a ransom to recover their stolen data."
RaaS is out there. Be sure that your company is working actively to prevent ransomware attacks and minimize its risks and dangers to your operations by incorporating ransomware protections. Becoming a victim of RaaS is not something you want to endure.